3.2.42. high availability¶

HA groups¶

Note

requires a specific license: Product.

Global high-availability configuration.

vsr running config# ha

group (pushed)¶

The list of high-availability groups on the device, used to advertise an high-availability status. Each group can be associated to one notifier and several subscribers.

vsr running config# ha group <group>

<group>

An high-availability group.

state¶

Force the high-availability state of this group.

vsr running config# ha group <group>
vsr running group <group># state STATE

`STATE` values	Description
`master`	Set master state.
`backup`	Set backup state.

HA neighbor¶

Note

requires a specific license: Product.

High-availability neighbor configuration.

vsr running config# vrf <vrf> ha-neighbor

enabled (pushed)¶

Enable/Disable HA neighbor in this VRF.

vsr running config# vrf <vrf> ha-neighbor
vsr running ha-neighbor# enabled true|false

Default value: true

node-id (mandatory)¶

The local node ID.

vsr running config# vrf <vrf> ha-neighbor
vsr running ha-neighbor# node-id <1-15>

local-address (mandatory)¶

The local IP address used to accept remote peer connections.

vsr running config# vrf <vrf> ha-neighbor
vsr running ha-neighbor# local-address LOCAL-ADDRESS

`LOCAL-ADDRESS` values	Description
`<ipv4-address>`	An IPv4 address.
`<ipv6-address>`	An IPv6 address.

listen-ha-group (mandatory)¶

The HA group to be monitored.

vsr running config# vrf <vrf> ha-neighbor
vsr running ha-neighbor# listen-ha-group <string>

interface (mandatory)¶

Interface used for peer discovery in multicast mode.

vsr running config# vrf <vrf> ha-neighbor
vsr running ha-neighbor# interface INTERFACE

INTERFACE

An interface name.

state (state only)¶

The high-availability state.

vsr> show state vrf <vrf> ha-neighbor state

HA conntrack¶

Note

requires a specific license: Product.

High-availability conntrack configuration.

vsr running config# vrf <vrf> ha-conntrack

enabled (pushed)¶

Enable/Disable HA conntrack in this VRF.

vsr running config# vrf <vrf> ha-conntrack
vsr running ha-conntrack# enabled true|false

Default value: true

local-address (mandatory)¶

The local IP address used to accept remote peer connections.

vsr running config# vrf <vrf> ha-conntrack
vsr running ha-conntrack# local-address LOCAL-ADDRESS

`LOCAL-ADDRESS` values	Description
`<ipv4-address>`	An IPv4 address.
`<ipv6-address>`	An IPv6 address.

listen-ha-group (mandatory)¶

The HA group to be monitored.

vsr running config# vrf <vrf> ha-conntrack
vsr running ha-conntrack# listen-ha-group <string>

interface (mandatory)¶

Interface used to send synchronization messages.

vsr running config# vrf <vrf> ha-conntrack
vsr running ha-conntrack# interface INTERFACE

INTERFACE

An interface name.

state (state only)¶

The high-availability conntrack state.

vsr> show state vrf <vrf> ha-conntrack state

protocol-list¶

Configure protocols to accept or ignore.

vsr running config# vrf <vrf> ha-conntrack protocol-list

accept (mandatory)¶

Accept or ignore protocols.

vsr running config# vrf <vrf> ha-conntrack protocol-list
vsr running protocol-list# accept true|false

protocol (mandatory)¶

Protocol list to accept or ignore.

vsr running config# vrf <vrf> ha-conntrack protocol-list
vsr running protocol-list# protocol PROTOCOL

`PROTOCOL` values	Description
`tcp`	Add TCP in the list.
`sctp`	Add SCTP in the list.
`dccp`	Add DCCP in the list.
`udp`	Add UDP in the list.
`icmp`	Add ICMP in the list.
`ipv6-icmp`	Add IPv6 ICMP in the list.

address-list¶

Configure addresses to accept or ignore.

vsr running config# vrf <vrf> ha-conntrack address-list

accept (mandatory)¶

Accept or ignore addresses.

vsr running config# vrf <vrf> ha-conntrack address-list
vsr running address-list# accept true|false

address (mandatory)¶

Address list to accept or ignore.

vsr running config# vrf <vrf> ha-conntrack address-list
vsr running address-list# address ADDRESS

`ADDRESS` values	Description
`<ipv4-address>`	An IPv4 address.
`<ipv6-address>`	An IPv6 address.

HA fast-path conntrack¶

Note

requires a specific license: FP Firewall or CG-NAT.

High-availability (fast-path) conntrack configuration.

vsr running config# vrf <vrf> ha-fp-conntrack

enabled¶

Enable or disable CG-NAT and firewall High Availability.

vsr running config# vrf <vrf> ha-fp-conntrack
vsr running ha-fp-conntrack# enabled true|false

Default value: true

listen-ha-group (mandatory)¶

The HA group to be monitored.

vsr running config# vrf <vrf> ha-fp-conntrack
vsr running ha-fp-conntrack# listen-ha-group <leafref>

peer¶

List of HA peers.

vsr running config# vrf <vrf> ha-fp-conntrack peer <peer>

<peer>

The name of the HA peer.

source (mandatory)¶

The IPv4/IPv6 source address used to reach the peer.

vsr running config# vrf <vrf> ha-fp-conntrack peer <peer>
vsr running peer <peer># source SOURCE

`SOURCE` values	Description
`<ipv4-address>`	An IPv4 address.
`<ipv6-address>`	An IPv6 address.

address (mandatory)¶

Remote IP address to communicate with the HA peer.

vsr running config# vrf <vrf> ha-fp-conntrack peer <peer>
vsr running peer <peer># address ADDRESS

`ADDRESS` values	Description
`<ipv4-address>`	An IPv4 address.
`<ipv6-address>`	An IPv6 address.